Avast Online Security Pri

Name: Security Analysis: Avast Online Security Pri
Item: Avast Online Security Pri
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 6M+ users

📦 v22.12.9

💾 2.66MiB

📅 2025-09-24

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Blocks malicious websites and downloads with Avast Online Security, a browser security and web reputation plugin that helps protect you from online threats. Lets you browse safely and securely, without worrying about viruses or malware. Benefits most users who value their online safety and security.

Overview

Avast Browser Security - web reputation plugin
Avast-powered security for your Google Chrome browser.

Browse without worry or fear with Avast in your corner: we’ll check every site you visit, from Facebook to your bank, to ensure nothing puts you or your data at risk. We stop phishing attacks, show user reviews, and warn you if a site is deemed untrustworthy by our community of 400 million.

• Identifies and blocks phishing sites trying to steal your data
• See how website has been rated by a growing community of 400 million Avast users
• Easily check the rating of any website just by hovering over the link
• Warns you when you’re visiting websites with bad reputations
• If you have Avast Secure Browser installed, we’ll open it automatically when you shop or bank online to help protect your data
• Blocks annoying tracking cookies that collect data on your browsing activities

What data we collect
• URL - to check if the website is safe or not
• User's feedback - to tell whether the site rating and classification you received are relevant
• Usage data - To measure user’s behavior in UI and how user interacts with the extension
• Internal extension identifier(GUID) - to distinguish unique malware hits, to measure product telemetry and calculate aggregated statistics
• Information about device (Browser type, Operating System Version) - To obtain usage aggregated statistics
• Country - to detect country specific malware campaigns, to measure product telemetry and calculate aggregated statistics

NEW: Now you can vote for new features and submit your own ideas here https://portal.productboard.com/xulwvnojptubz1inywhyomen

By installing this extension to your browser, you confirm you read and agree to Avast's Privacy Policy (https://www.avast.com/privacy-policy) and End User License Agreement (https://www.avast.com/eula) which govern your download and use of the selected product.

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

v22.12.9 Info Scanned Mar 4, 2026

Security Analysis — Avast Online Security Pri

Analyzed v22.12.9 · Mar 4, 2026 · 10 JS files · 9985 KB scanned

Permissions

Code Patterns Detected

External Connections

www.w3.org www.facebook.com github.com s-install.avcdn.net lodash.com www.avast.com twitter.com www.amazon.com www.apache.org support.avast.com npms.io openjsf.org +8 more

Package Contents 79 files · 11.6MB

▾📁_metadata64KB

▾📁generated_indexed_rulesets53KB

📄_ruleset118KB

📄_ruleset21KB

📄_ruleset34KB

📄_ruleset45KB

📄_ruleset517KB

📄_ruleset61KB

📄_ruleset74KB

📄_ruleset84KB

{}verified_contents.json11KB

▾📁client8.9MB

▾📁cookie2.2MB

📜cookieConsent.js2KB

📜cookieFrameHandler.js196KBlarge

🎨cookieHandler.css37KB

📜cookieHandler.js2MBlarge

📜advertiser.js117KBlarge

🎨advisor.css37KB

📜advisor.js2MBlarge

🎨avast.css43KB

🌐extensionPage.html252B

📜gpc.js4KB

📜gpcWindowSetting.js45B

🎨main.css46KB

📜main.js1.9MBlarge

🎨runner-components.css64KB

🎨search.css3KB

🎨searchResults.css37KB

📜searchResults.js1.9MBlarge

🎨spawn.css535KB

▾📁fonts192KB

🔤AvastNitro Font-400.woff248KB

🔤AvastNitro Font-700.woff248KB

🔤NitroFont-400.woff248KB

🔤NitroFont-700.woff248KB

▾📁icons178KB

🖼bg.png132KB

🖼cookie-tooltip-accept.png13KB

🖼cookie-tooltip-decline.png13KB

🖼highlight-negative.svg668B

🖼highlight-normal.svg666B

🖼highlight-positive.svg668B

🖼icon-avast128.png3KB

🖼icon-avast32.png684B

🖼icon-avast64.png2KB

🖼spawn-checkbox-checked.png297B

🖼spawn-spinner.png12KB

▾📁locales560KB

{}Locale-ar.json28KB

{}Locale-cs.json22KB

{}Locale-da.json19KB

{}Locale-de.json22KB

{}Locale-en.json19KB

{}Locale-es-ES.json21KB

{}Locale-es.json21KB

{}Locale-fi.json20KB

{}Locale-fr.json21KB

{}Locale-hu.json22KB

{}Locale-it.json20KB

{}Locale-ja.json25KB

{}Locale-ko.json22KB

{}Locale-nb-NO.json20KB

{}Locale-nb.json20KB

{}Locale-nl.json21KB

{}Locale-pl.json23KB

{}Locale-pt-BR.json20KB

{}Locale-pt.json20KB

{}Locale-ru.json33KB

{}Locale-sk.json22KB

{}Locale-sv-SE.json20KB

{}Locale-sv.json20KB

{}Locale-tr.json22KB

{}Locale-zh-CN.json18KB

{}Locale-zh-TW.json19KB

▾📁rulesets92KB

{}AdTracking.json27KB

{}AdTracking_Allowed.json27KB

{}Meta.json16KB

{}Others.json1KB

{}Others_Allowed.json1KB

{}Social.json4KB

{}Social_Allowed.json4KB

{}WebAnalytics.json6KB

{}WebAnalytics_Allowed.json6KB

📜background.js1.7MBlarge

{}manifest.json3KB

What This Extension Does

Avast Online Security Plugin provides web reputation checks, phishing site blocking, and tracking cookie blocking. It's designed to protect users from online threats while browsing with Google Chrome.

Permissions Explained

tabsexpected: This permission allows the extension to access your open tabs and interact with them.
Technical: The extension can read and modify tab metadata, including URL, title, and content. This could potentially allow unauthorized data exfiltration or manipulation if compromised.
activeTabexpected: This permission allows the extension to access the currently active tab's metadata.
Technical: The extension can read and modify the active tab's URL, title, and content. This could potentially allow unauthorized data exfiltration or manipulation if compromised.
scriptingcheck this: This permission allows the extension to execute scripts in the context of your browsing session.
Technical: The extension can inject and execute arbitrary JavaScript code, potentially allowing unauthorized data exfiltration or manipulation if compromised. eval() is used, which can execute arbitrary code. ⚠ 1
storagecheck this: This permission allows the extension to store and retrieve data locally on your device.
Technical: The extension can read and write local storage, potentially allowing unauthorized data exfiltration or manipulation if compromised. String.fromCharCode and charCodeAt are used for obfuscation. ⚠ 1
alarmsexpected: This permission allows the extension to schedule background tasks.
Technical: The extension can schedule alarms, potentially allowing unauthorized data exfiltration or manipulation if compromised. However, this is a necessary permission for legitimate extensions that need to perform periodic checks.
declarativeNetRequestexpected: This permission allows the extension to intercept and modify network requests.
Technical: The extension can inject and modify network requests, potentially allowing unauthorized data exfiltration or manipulation if compromised. However, this is a necessary permission for legitimate extensions that need to perform web reputation checks.
declarativeNetRequestFeedbackexpected: This permission allows the extension to receive feedback on network requests.
Technical: The extension can receive feedback on network requests, potentially allowing unauthorized data exfiltration or manipulation if compromised. However, this is a necessary permission for legitimate extensions that need to perform web reputation checks.
https://*/*check this: This permission allows the extension to access all HTTPS sites.
Technical: The extension can read and modify HTTPS traffic, potentially allowing unauthorized data exfiltration or manipulation if compromised. This is a critical risk due to the sensitive nature of HTTPS traffic. ⚠ 1
http://*/*check this: This permission allows the extension to access all HTTP sites.
Technical: The extension can read and modify HTTP traffic, potentially allowing unauthorized data exfiltration or manipulation if compromised. This is a critical risk due to the sensitive nature of HTTP traffic. ⚠ 1

Your Data

Avast Online Security Plugin collects URL metadata, user feedback, usage data, internal extension identifier (GUID), and device information. It sends this data to various domains for web reputation checks and product telemetry.

Technical Details

The extension contacts the following domains: www.w3.org, www.facebook.com, github.com, s-install.avcdn.net, lodash.com, www.avast.com, twitter.com, www.amazon.com, www.apache.org, support.avast.com, npms.io, openjsf.org. It collects URL metadata, user feedback, usage data, internal extension identifier (GUID), and device information. The exact protocols used are not specified in the manifest file.

Code Findings

eval() UsedHigh

The extension uses eval(), which can execute arbitrary code, potentially allowing unauthorized data exfiltration or manipulation if compromised.

Technical: The eval() function is used in the extension's JavaScript files to execute arbitrary code. This could potentially allow unauthorized data exfiltration or manipulation if compromised.

💡 Legitimate extensions may use eval() for legitimate purposes, such as dynamic script injection.

innerHTML AssignmentMedium

The extension uses innerHTML assignment, which can be a potential XSS vector if not properly sanitized.

Technical: The extension assigns innerHTML to various elements, potentially allowing unauthorized data exfiltration or manipulation if compromised. However, this is a common pattern in legitimate extensions for dynamic content injection.

💡 Legitimate extensions may use innerHTML assignment for legitimate purposes, such as dynamic content injection.

String.fromCharCode and charCodeAt UsedMedium

The extension uses String.fromCharCode and charCodeAt for obfuscation, which can make it harder to analyze the code.

Technical: The extension uses String.fromCharCode and charCodeAt to obfuscate certain strings. This could potentially allow unauthorized data exfiltration or manipulation if compromised.

💡 Legitimate extensions may use these functions for legitimate purposes, such as encoding sensitive data.

Creates Script Elements DynamicallyHigh

The extension creates script elements dynamically, which can potentially allow unauthorized data exfiltration or manipulation if compromised.

Technical: The extension uses document.createElement to create script elements dynamically. This could potentially allow unauthorized data exfiltration or manipulation if compromised.

💡 Legitimate extensions may use this pattern for legitimate purposes, such as dynamic script injection.

Bottom Line

Avast Online Security Plugin has several concerning findings, including the use of eval(), innerHTML assignment, and String.fromCharCode/charCodeAt. While these patterns are not necessarily malicious, they do increase the risk of unauthorized data exfiltration or manipulation if compromised. Users should exercise caution when installing this extension and regularly review its permissions and behavior.